Set Up Ubuntu Server to Host VMs

Download and install Ubuntu Server 16.04.4 LTS. During installation, select the following options:
After installation, use apt-get to install the following packages:

0. Allow Port Forwarding

Run the following command:

> sudo iptables -L

You should see the following as the first rule in the FORWARD chain:

ACCEPT all -- anywhere 192.168.122.0/24 ctstate RELATED,ESTABLISHED

This rule means a) all the VMs will get an internal IP on the 192.168.122.0 subnet, and b) the host will forward any packet to the VMs as long as the packet belongs to an established connection or a connection related to another permitted connection. What's notably missing from ctstate is NEW, which is needed for an external client to connect (i.e. create a new connection) to a service running on a VM. Use the following command to modify the rule so that all connections to the VM subnet, including new ones, are forwarded:

> sudo iptables -R FORWARD 1 -d 192.168.122.0/24 -j ACCEPT

1. Create a Virtual Machine

Download an ISO image, e.g.

> wget http://releases.ubuntu.com/16.04.4/ubuntu-16.04.4-server-amd64.iso

Create a config file like sd2018-ubuntu-server.cfg which specifies the parameters of the VM. Run the script createvm.sh to create the VM. For example:

> createvm.sh sd2018-ubuntu-server.cfg

The VM tool will create a VNC session to provide a GUI so we can complete the installation of the guest OS. First, open another terminal and run the following command to find out the port of the VNC session:

> virsh dumpxml <name> | grep vnc

where <name> is the name of the VM specified in the config file. Then connect to the VNC session using a VNC viewer (e.g. TightVNC) from a different computer -- we need a GUI to run a VNC viewer, and the Ubuntu Server we use to host VMs does not have one. After the OS installation is completed, the VM will be restarted, and you can connect to it at the same port using VNC.

2. Clone More VMs

Once a VM is created, it's easy to clone more VMs with the same configuration using virt-clone.
For example:

> virt-clone --original sd2018-ubuntu-server --name sd2018-ubuntu-server-1 --file /mnt/disk2/vm/sd2018-ubuntu-server-1.qcow2

The first argument is the name of the original VM -- note that this VM must be stopped before it can be cloned. The second argument is the name of the new VM, and the third argument is the VM image file to be created (qcow2 is the VM image file format). After the VM is created, use the following command to edit the VM settings:

> virsh edit <name>

Locate the line that looks like "<graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0'>", and change it so that autoport is no and port is a number other than -1 (e.g. 5901). We want to set the VNC port to a fixed number so the students know which port to use to connect to their VM. While you are editing the VM settings, note down the MAC address of the VM, as we'll use it in the next step:

> virsh net-edit default

In the <dhcp> section, limit the dynamic range, and add a <host> entry for the VM so it has a fixed IP, which is important for port forwarding. For example:

3. Port Forwarding

Since VMs reside on an internal network that cannot be accessed directly from the outside world, we need to set up port forwarding in order for clients to access services running on the VMs. Simply put, port forwarding is a mapping between a host port and a VM port so that any traffic to the host port will be forwarded to the VM port. For example, the following commands set up forwarding of three ports 4022->22, 4080->80, and 4088->8080 for a VM with the address 192.168.122.100:

> sudo iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 4022 -j DNAT --to 192.168.122.100:22
> sudo iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 4080 -j DNAT --to 192.168.122.100:80
> sudo iptables -t nat -A PREROUTING -i eno1 -p tcp --dport 4088 -j DNAT --to 192.168.122.100:8080
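
An added example, not part of the original page: a script that prints the DNAT commands for the mappings above and pairs each with a FORWARD rule that accepts NEW connections only to that VM address and port, a narrower alternative to the subnet-wide ACCEPT rule in step 0. The function names gen_forward_rules and in_range, and inserting the FORWARD rules at position 1, are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): print, but do not run, the
# iptables commands for one VM's port forwards. Each DNAT rule is paired with
# a FORWARD rule that admits NEW connections only to that VM address and port.

in_range() {  # in_range VALUE LOW HIGH: VALUE is a decimal number in [LOW, HIGH]
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]
}

# gen_forward_rules IFACE VM_IP HOSTPORT:VMPORT [HOSTPORT:VMPORT ...]
gen_forward_rules() {
    local iface vm_ip seen map hport vport last
    iface=$1; vm_ip=$2; seen=" "
    shift 2
    # Only accept guest addresses on the 192.168.122.0/24 subnet used on this page.
    last=${vm_ip#192.168.122.}
    if [ "$last" = "$vm_ip" ] || ! in_range "$last" 1 254; then
        echo "error: $vm_ip is not a host address in 192.168.122.0/24" >&2; return 1
    fi
    for map in "$@"; do   # validate everything before printing anything
        hport=${map%%:*}
        vport=${map#*:}
        if [ "$map" = "$hport" ] || ! in_range "$hport" 1 65535 || ! in_range "$vport" 1 65535; then
            echo "error: bad mapping '$map' (want HOSTPORT:VMPORT)" >&2; return 1
        fi
        # A host port can be forwarded to only one destination.
        case "$seen" in
            *" $hport "*) echo "error: host port $hport used twice" >&2; return 1 ;;
        esac
        seen="$seen$hport "
    done
    for map in "$@"; do
        hport=${map%%:*}; vport=${map#*:}
        echo "iptables -t nat -A PREROUTING -i $iface -p tcp --dport $hport -j DNAT --to $vm_ip:$vport"
        # FORWARD sees the packet after DNAT, so it matches the VM address and port.
        echo "iptables -I FORWARD 1 -i $iface -d $vm_ip -p tcp --dport $vport -m conntrack --ctstate NEW -j ACCEPT"
    done
}

# The three mappings from the text above (constructed call for illustration).
gen_forward_rules eno1 192.168.122.100 4022:22 4080:80 4088:8080
```

Review the printed commands before running them with sudo. Replies to the forwarded connections are still covered by the original RELATED,ESTABLISHED rule if it is left in place.
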

Note that eno1 is the LAN interface, and on different computers the interface name may be different (e.g. eth0 instead of eno1).

4. More virsh Commands

VMs can be managed using virsh. Here are some common virsh commands: